OWASP Board Meetings 6-3-08

Minutes: OWASP Board meeting

June 3, 2008 12:00pm EST

Present: Jeff Williams, Tom Brennan, Dinis Cruz, Paulo Alison Shrader, Kate Hartmann

Joining: Sebastien Deleersnyder

Absent: Dave Wichers

Review of Action Items:

Update on details of working groups: Update on details of working groups: Goal of working groups is to provide forum for a group to meet to produce a deliverable. Part of the problem is a current lack of functioning OWASP Working groups, so a new EASPI Working Group will be created and OWASP will organize a working session at Washington DC where the main EASPI contributors will be invited to participate. Jeff Williams will structure an agenda and plan for this session.

Identified need for clearer guidelines for OWASP projects: The first and second round reviews for SOC are to be completed and documented. This will provide definition of procedures for future projects. Larry and Paulo will work on updating wiki.

Job Description: Alison will resend to board members for review.

OWASP Blog pages: The need for a forum to discuss projects has been identified. Project leaders and other OWASP leaders will be encouraged to utilize blog pages. This will be monitored to determine if updates to the wiki need to be made or if other software should be introduced to support this communication.

Local Chapter Finance model: The need to establish guidelines and processes for local chapters to facilitate financial, membership, conferences, and sponsorship was identified. One question is the need for chapters to obtain 501c3 status to manage their incoming donations. Kate will develop a draft of procedures to include roles of chapter and roles of OWASP regarding these chapter issues. Document will be reviewed by board and discussed at next meeting.

Tom will update bylaws to include a financial audit.

Items removed from list: Write a proposal and send to board about letting corporate members choose which project their funds go to. (this will be discussed in the chapter guideline and sponsorship documents)

OWASP Financials:

Audit is scheduled for next week.

OWASP 200k investment plan

150K: OWASP EU Summit

35K: 4x Graduates from xyz University

15K: Working Group in DC

OWASP London Office

New employee to focus on OWASP chapters and help Paulo? Kate has been working on contacting chapter leaders to solicit information on what they need from OWASP. Feedback document to be sent out in the next week or so.

Office Space in London (from an OWASP friend, together with Ivan from Breach Security).

Conferences:

Recap of Belgium conference

Cvent post event survey indicates that while overall, the conference went well, there are a few areas for improvement.

Surveys to be given after EACH speaker presentation going forward.

Comments on speakers will be taken into consideration when planning future conferences.

NY conference on schedule.

Agenda planned

Alison to finalize bags for conference

20 people registered for conference; 11 people registered for classes

Proposal for OWASP EU SUMMIT 2008 http://www.owasp.org/index.php/OWASP_EU_Summit_2008

A conference about OWASP for OWASP members

Attendance will be made of paid attendees (just like the other OWASP conferences) and by OWASP contributors (project and chapter leaders + AoC,SpoC and SoC participators) which will be personally invited and (most) expenses paid by OWASP

Chapter Happenings

New chapters: Nigeria, Vietnam, Iran, Dallas

Chapter leader changes: Denmark, Kerala, Argentina, Germany

Inactive chapters: Message will be posted on inactive chapter sites indicating that the chapter needs a leader. Chapters will not be “closed.”

Guidelines will be developed to help chapters thrive. These include, financial support, membership drives, legal issues, meeting planning and resources. OWASP to maintain free and open concept for members and develop more opportunities to support chapter happenings.